Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only show Followers that current user can access #20220

Merged
merged 6 commits into from
Jul 5, 2022
Merged

Only show Followers that current user can access #20220

merged 6 commits into from
Jul 5, 2022

Conversation

zeripath
Copy link
Contributor

@zeripath zeripath commented Jul 3, 2022

Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton art27@cantab.net

@zeripath
Only show Followers that current user can access
93cec4c 
Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath zeripath added this to the 1.18.0 milestone Jul 3, 2022
Gusted
Gusted reviewed Jul 3, 2022
View reviewed changes
models/user/user.go Outdated Show resolved Hide resolved
models/user/user.go Outdated Show resolved Hide resolved
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Jul 3, 2022
@zeripath
builder.Neq not builder.NEq
aeff803 
Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath
remove common cond as it is confusing people
08d46f9 
Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath
use lowercase for visibility
a450aba 
Signed-off-by: Andrew Thornton <art27@cantab.net>
Gusted
Gusted approved these changes Jul 3, 2022
View reviewed changes
Copy link
Contributor

@Gusted Gusted left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code seems to work with expected behavior.

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Jul 3, 2022
@codecov-commenter
Copy link

Codecov Report

❗ No coverage uploaded for pull request base (main@9d9bf66). Click here to learn what that means.
The diff coverage is 0.00%.

❗ Current head 93cec4c differs from pull request most recent head a450aba. Consider uploading reports for the commit a450aba to get more accurate results

@@           Coverage Diff           @@
##             main   #20220   +/-   ##
=======================================
  Coverage        ?   46.92%           
=======================================
  Files           ?      973           
  Lines           ?   134890           
  Branches        ?        0           
=======================================
  Hits            ?    63292           
  Misses          ?    63841           
  Partials        ?     7757
Impacted Files Coverage Δ
models/user/user.go 51.41% <0.00%> (ø)
routers/api/v1/user/follower.go 0.00% <0.00%> (ø)
routers/web/user/profile.go 46.85% <0.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 9d9bf66...a450aba. Read the comment docs.

@Gusted Gusted mentioned this pull request Jul 3, 2022
Closed
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Jul 5, 2022
@zeripath
Copy link
Contributor Author

zeripath commented Jul 5, 2022

make lgtm work

@zeripath zeripath merged commit 45f1752 into go-gitea:main Jul 5, 2022
@zeripath zeripath deleted the no-show-followers-no-can-see branch July 5, 2022 15:47
zeripath added a commit to zeripath/gitea that referenced this pull request Jul 5, 2022
@zeripath
Only show Followers that current user can access (go-gitea#20220)
01e1bc7 
Backport go-gitea#20220

Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath zeripath mentioned this pull request Jul 5, 2022
Merged
@zeripath zeripath mentioned this pull request Jul 5, 2022
Merged
@zeripath zeripath added the backport/done All backports for this PR have been created label Jul 5, 2022
zeripath added a commit to zeripath/gitea that referenced this pull request Jul 5, 2022
@zeripath
Only show Followers that current user can access (go-gitea#20220)
c7c44dd 
Backport go-gitea#20220

Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton <art27@cantab.net>
zeripath added a commit to 42wim/gitea that referenced this pull request Jul 5, 2022
@zeripath
Only show Followers that current user can access (go-gitea#20220)
c01ad82 
Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton <art27@cantab.net>
lunny pushed a commit that referenced this pull request Jul 6, 2022
@zeripath
Only show Followers that current user can access (#20220) (#20253)
b42df31 
Backport #20220

Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton <art27@cantab.net>
zeripath added a commit that referenced this pull request Jul 6, 2022
@zeripath
Only show Followers that current user can access (#20220) (#20252)
a92d247 
Backport #20220

Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton <art27@cantab.net>
zjjhot added a commit to zjjhot/gitea that referenced this pull request Jul 7, 2022
@zjjhot
Merge remote-tracking branch 'upstream/main'
310604f 
* upstream/main:
  Modify milestone search keywords to be case insensitive (go-gitea#20266)
  Fix toolip on mobile notification bell (go-gitea#20270)
  Allow RSA 2047 bit keys (go-gitea#20272)
  Refix notification bell placement (go-gitea#20251)
  Bump mermaid from 9.1.1 to 9.1.2 (go-gitea#20256)
  EscapeFilter the group dn membership (go-gitea#20200)
  Only show Followers that current user can access (go-gitea#20220)
  Init popup for new code comment (go-gitea#20234)
  Bypass Firefox (iOS) bug (go-gitea#20244)
  Adjust max-widths for the repository file table (go-gitea#20243)
  Display full name (go-gitea#20171)
  Adjust class for mobile has the problem of double small bells (go-gitea#20236)
  Adjust template for go-gitea#20069 smallbell (go-gitea#20108)
  Add integration tests for the Gitea migration form (go-gitea#20121)
  Allow dev i18n to be more concurrent (go-gitea#20159)
  Allow enable LDAP source and disable user sync via CLI (go-gitea#20206)
dineshsalunke pushed a commit to dineshsalunke/gitea that referenced this pull request Jul 9, 2022
@zeripath @dineshsalunke
Only show Followers that current user can access (go-gitea#20220)
b010ac6 
Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton <art27@cantab.net>
tyroneyeh added a commit to tyroneyeh/gitea that referenced this pull request Jul 13, 2022
@tyroneyeh
Squashed commit of the following:
2f8e79c 
commit 713bc6c
Author: 6543 <6543@obermui.de>
Date:   Tue Jul 12 20:26:27 2022 +0200

    Changelog for 1.16.9 (update) (go-gitea#20341)

    * Changelog for 1.16.9 (update)

    * update security section

commit 6b7e860
Author: Lunny Xiao <xiaolunwen@gmail.com>
Date:   Wed Jul 13 01:13:31 2022 +0800

    Hide notify mail setting ui if not enabled (go-gitea#20138) (go-gitea#20337)

    Backport go-gitea#20138

commit 0f89417
Author: Gusted <williamzijl7@hotmail.com>
Date:   Tue Jul 12 12:52:20 2022 +0000

    Add write check for creating Commit status (go-gitea#20332) (go-gitea#20334)

    - Backport go-gitea#20332
      - Add write code checks for creating new commit status
      - Regression from go-gitea#5314
      - Resolves go-gitea#20331

commit 7c80a0b
Author: zeripath <art27@cantab.net>
Date:   Mon Jul 11 10:15:43 2022 +0100

    Ensure that drone tags 1.16.x and 1.16 on push to v1.16.x tag (go-gitea#20304)

    We need pushes to v1.16.9 to create tags to 1.16.9 and 1.16 but not 1 or latest.

    We have previously adjusted the manifest to remove the latest tag, and have removed
    auto_tags so that 1 does not get tagged but in doing so we also stopped 1.16 being
    tagged. So here we just state the that we tag x.yy in addition to x.yyz*.

    Signed-off-by: Andrew Thornton <art27@cantab.net>

commit b42df31
Author: zeripath <art27@cantab.net>
Date:   Wed Jul 6 02:47:16 2022 +0100

    Only show Followers that current user can access (go-gitea#20220) (go-gitea#20253)

    Backport go-gitea#20220

    Users who are following or being followed by a user should only be
    displayed if the viewing user can see them.

    Signed-off-by: Andrew Thornton <art27@cantab.net>

commit 6162fb0
Author: Gusted <williamzijl7@hotmail.com>
Date:   Fri Jul 1 17:39:10 2022 +0200

    Check for permission when fetching user controlled issues (go-gitea#20133) (go-gitea#20196)

    * Check if project has the same repository id with issue when assign project to issue

    * Check if issue's repository id match project's repository id

    * Add more permission checking

    * Remove invalid argument

    * Fix errors

    * Add generic check

    * Remove duplicated check

    * Return error + add check for new issues

    * Apply suggestions from code review

    Co-authored-by: Gusted <williamzijl7@hotmail.com>
    Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
    Co-authored-by: 6543 <6543@obermui.de>
vsysoev pushed a commit to IntegraSDL/gitea that referenced this pull request Aug 10, 2022
@zeripath
Only show Followers that current user can access (go-gitea#20220)
5e90eac 
Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton <art27@cantab.net>
@yp05327 yp05327 mentioned this pull request Apr 26, 2023
Merged
@go-gitea go-gitea locked and limited conversation to collaborators May 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@Gusted Gusted Gusted approved these changes

@wxiaoguang wxiaoguang wxiaoguang approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. type/bug
Projects
None yet
Milestone
1.18.0
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@zeripath @codecov-commenter @wxiaoguang @Gusted @GiteaBot